Lucene search

K
cvelistMitreCVELIST:CVE-2012-5785
HistoryNov 04, 2012 - 10:00 p.m.

CVE-2012-5785

2012-11-0422:00:00
mitre
www.cve.org
4

AI Score

9.1

Confidence

High

EPSS

0.001

Percentile

25.1%

Apache Axis2/Java 1.6.2 and earlier does not verify that the server hostname matches a domain name in the subject’s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

AI Score

9.1

Confidence

High

EPSS

0.001

Percentile

25.1%

Related for CVELIST:CVE-2012-5785